General
-
Target
38d3f5173827b3d7f213cb95de47e2087937eef5c9c3d48caf1dfb9098a063d4
-
Size
388KB
-
Sample
220201-jax6saaggj
-
MD5
83a7ee52acc9f9f728d268acce20d30c
-
SHA1
35ba05bc81abc4e0471efd47dcb69dc262623409
-
SHA256
38d3f5173827b3d7f213cb95de47e2087937eef5c9c3d48caf1dfb9098a063d4
-
SHA512
eb6f3dd0b7ab4ce4e643c0b809de2c6e697ba8d3e2683590c7dccd56223fcc51d4d53faba55d121de8b969ff6f9bf0b5f36cea4163c64155bc9e20c8a27042bb
Static task
static1
Behavioral task
behavioral1
Sample
38d3f5173827b3d7f213cb95de47e2087937eef5c9c3d48caf1dfb9098a063d4.xlsm
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
38d3f5173827b3d7f213cb95de47e2087937eef5c9c3d48caf1dfb9098a063d4.xlsm
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
38d3f5173827b3d7f213cb95de47e2087937eef5c9c3d48caf1dfb9098a063d4
Score 10/10
Ostap JavaScript Downloader
Ostap is a JavaScript downloader that's been active since 2016. It's used to deliver several families, including TrickBot.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Sets service image path in registry
-